Taxpayers will finally see some value for money out of the former government's ID card scheme.
The cost of destroying the personal data collected under the ill-starred programme will be a mere £400,000, Home Office minister Damian Green revealed yesterday.
The figure came in a commons reply to Paul Goggins MP, who'd asked what …

Shredding the hardware?

Surely that level of CESG approved destruction is reserved for equipment that has handled TS data? Surely a multi pass random data wipe, and incinerating the memory if you are really paranoid would be sufficient.

Alternatively I would like to offer my services with a bloody big axe at a fraction of that price. Hand grenade cos well that would be just as effective.

Aggregation

If you actually read any of the guidance you will see that the effect of aggregation means that although the individual elements may have a low or medium business impact as a whole they may have a higher protected marking.

Imagine the impact if the whole lot was found in a skip? Huge, far more than if one person's name and address was disclosed.

There's three basic levels

SSL1 can be discounted, because it only covers eventualities of loss to the public purse of £1000. It involves grinding magnetic media to 25mm particles, but I don't think degaussing is required.

SSL2 compliance covers risk to an individual, or group of individuals', safety and liberty. This means complete demagnetisation of each disc in turn and then shredding to the BS8470 (known as 'Commercial best Practice') 25mm particles. I know this because this is what we use: it covers potential losses to the Public Purse of up to £10 million.

However, given the furore, they've probably opted for SSL3 compliance - normally reserved for Top secret data or the possibility of "substantial material damage to the national finances" - which means individual degaussing and on site rendering to 6mm particles.

We're probably talking about several rooms full of P9xxx-sized disc storage arrays. By the time they're finished, the shredders themselves will be in need of a fairly expensive overhaul.

This is how it ends, however - not with a bang, but with a sort of 'nom-nom-nom' noise.

That's why accountants are paid so much

"what the arrangements were for the data destruction, and what the cost would be."

Well, it's easy: you move all files to a single laptop, then give this laptop to a civil servant, and hey presto, no one knows what happened to it the day after.

Cost breakdown:

Brilliant idea: £100,000 bonus for whoever got it

Selecting a civil servant: £100,000 for picking a name at random (including purchasing of custom little pieces of paper specially ordered for this occasion, pens to write down names on the papers, and a platform hat from which a name will be pulled)

Laptop: £100,000 (including network cable, mouse, and 256MB RAM upgrade by a consultant, and security in the form of asking a number from 1 to 10 with locking of the machine after 10 unsuccessful attempts)

Civil servant selected: £100,000 bonus for successfully losing the laptop in a public place

Err...

What about traceability, insurance and compensation if something goes wrong? How do you know the students aren't nicking the disks or reading the data from them (which you didn't even start to erase properly - 0s, 1s, randoms, repeat about 8 times.)

I may well know that my disk has been erased because I saw it happen, but I need a bloody good audit trail to show my employer.

Pay me £400k

What they will actually do.

When they say destroy the data, that's exactly what they mean. They will have to gather up all the back-up tapes and irrecoverably destroy them; erasure is not enough for the impact level that ID Card data would have been held at.

Then there's the disk drives that will have to be securely erased, and then removed from their SAN trays and put through a specialised shredding device.

It is also probable that there's a whole host of other data stores that would need to be destroyed, like server boot devices and so on.

You would be surprised how much data can be recovered from an erased disk, even if you have overwritten it n times.

That's why it'll cost so much.

Oh yes and we mustn't forget the stupidly convoluted contract, but I think IPS probably has a data destruction contract in place for its systems, or its IT service provider should have.

RTFM!

Has no-one actually looked what is involved in the destruction of the data???

It's linked to from the main article (for the hard of thinking: http://www.theregister.co.uk/2010/11/08/government_will_shred_id_card_data/). Although it still seems that £400K is a bit steep, there's clearly a lot more involved than just putting a sledgehammer to some racks...

Personally, I'd be happy for the government to spend twice that amount to get rid of the NIR. A bloody good riddance!

The title is required, and must contain your National Insurance number

OMG

really, just really!!!!!!!!!

So are they saying that everyone else (banks, councils, hospitals) are destroying their data incorrectly... unsafely... When I worked for the NHS we paid £50 a unit for the HDD to be shredded and the machines recycled - why can't they just do that?

Like some of the above have said, I suppose it's the consultancy fees and the server is going to the 'destroying centre' in a limo with bodyguard and escort (police one, not the other)

Putting into context

* 6 man-years at the pay rate of an ordinary back-bench MP, with the MPs taking four days to erase each card. [The salary of an MP is £65,738 according to http://www.parliament.uk/about/faqs/house-of-commons-faqs/members-faq-page2/]

I refuse to ennoble a simple forum post....

Let's spend another 100k

on an artist's time to take the debris and create an artwork that will remind future politicians what the British people think of this sort of nonsense.

I'd prefer it if the disk platters were left largely intact, so that one could tell the sign-ups that their personal data had been welded into an artwork, and if they didn't like that they shouldn't have been in such a rush to hand it over in the first place.

I like this idea

I suggest that the platters be removed from the HDDs and a prize issued for designing a sculpture made from them. It should be erected within sight of Parliament. I've seen the way "artists" weld, and I'll guarantee you the hash they make will render those platters unreadable while forming a lasting memorial for those whose data is still on those platters.

Maybe Liberty giving the finger. Suggestions should be sent on the back of a Guy Fawkes mask to someone other than me.

Commentarts strike again...

All of you "I'd do it for half that" types, just think: How much fuss would you kick up if this data destruction wasn't done properly? I mean, in 5 years time when it comes on the news that they can't account for all of the disks and tapes that were destroyed, because the audit trail was balled up, and they say something like "well, we're pretty sure we got all of them, but we didn't write it down properly." What would you say?

400 grand seems like a lot of money, but it's a load of disk and tape from distributed datacentres. Not simple to keep track of, in fact it'll probably be a full on project just to make sure that they know what they're deleting and don't miss anything. It'd be more complicated if the arrays and tape libraries were shared, which is highly likely.

Really worrying........

What is really worrying about most of the posts is that people on this site are assumed to know a bit about computers - but obviously have no first idea about what is necessary to DESTROY data, thoroughly, permanently, and demonstrably.

Some of these people could be in charge of systems with sensitive data on, and they would just throw the discs in a heap and bash them with a hammer!

What a waste

Seems crazy to me that these systems are destroyed.

Of course proper data sanitation is required if the systems are to leave the government's control and (reasonably) secure data centres; but I would have thought they could be re-purposed for another government project providing that the classification of their new role was equal or higher to the data held as part of the ID card scheme.

£400k may be the cost to shred the drives; but how much was the purchase cost - money that the government will surely be paying out again for more storage?

On the other hand

Thank goodness though!

Seriously, I know £400k seems a lot of dosh, but frankly I am still so glad that they are getting rid of this whole sorry system that I don't really care. We came damn close to being card-carrying members of HMP Britain. Phew!

that might get rid of the data but...

What about the photo booths that have been set up in all the main Post Offices? A friend was employed setting these up for the DVLA. Phase one was for renewing photo driving licences. Phase two was for the roll out of ID cards.